Reuters Collects Website Visitors' IP Addresses Without Consent, Alleges Class Action
Three tracking pixels on the Reuters website collect visitors' IP addresses in violation of the California Invasion of Privacy Act, alleged a class action Monday (docket 1:24-cv-02466) in U.S. District Court for Southern New York in Manhattan.
Sign up for a free preview to unlock the rest of this article
Export Compliance Daily combines U.S. export control news, foreign border import regulation and policy developments into a single daily information service that reliably informs its trade professional readers about important current issues affecting their operations.
Zhizhi Xu alleges the tracking pixels Reuters uses are “pen registers” under CIPA because they are a “device or process” that captured the “routing, addressing, or signaling information” -- the IP address -- from the electronic communications transmitted by Xu’s and the class’ computers or smartphones.
The tracking pixels cause a user’s browser to send identifying information, including IP address, to advertising technology companies including Sharethrough, DoubleVerify and TripleLift, said the complaint. The trackers collect IP addresses that identify the user's outgoing routing, addressing or signaling information, the complaint said. The IP address, a unique identifier for an internet-connected device, contains geographical location that identifies a user’s state, city and ZIP code, the complaint said.
Knowing a user's geographical location provides a “specificity previously unfound in marketing” that allows an advertiser to target customers by countries, cities and neighborhoods and down to specific households, businesses and individuals, the complaint said. Such pinpoint targeting helps businesses "avoid wasting money on ads that are unlikely to be seen by their target audience,” it said.
The first time users visit Reuters’ website, their browsers send an HTTP request to Reuters' server, and that server sends an HTTP response with directions to install the adtech companies' trackers on users' browsers, said the complaint. The trackers, in turn, instruct users' browsers to send them their IP address, it said.
Sharethrough’s “audience curation packages” allow the company’s clients to place ads on curated sites, “with intentional placement” and targeted at specific audiences based on data, demographics and site content “to reach advertiser audiences at scale,” the complaint said. It gave as examples, Super Bowl fans, members and allies of the LGBTQ community, and Generation Z individuals.
Xu and class members didn’t provide prior consent to Reuters for the media company to install or use the pixels on his browser, nor did it obtain a court order before installing them, said the complaint. Xu of Santa Clara,California, seeks judgment against Reuters and orders for damages of $5,000 for each CIPA violation, pre- and post-judgment interest, an order of restitution and attorneys’ fees and costs. Reuters didn't comment Tuesday.